<?php

include('init.php');


$menu_items = array(
	array('title' => "Homepage", 'link' => $PBASEHTTP . "/"),
	array('title' => "Add new", 'link' => $PBASEHTTP . "/?action=new")
);

$recent_posts = $pastebinNG->get_recent_posts(5);

if($recent_posts == FALSE) {
		$recent_posts = array();
} else {
	foreach($recent_posts as $k => $v) {
		$recent_posts[$k]['link'] = $PBASEHTTP . "/?action=view&id=" . $v['post_id'];
		if(strlen($v['title']) == 0) {
			$recent_posts[$k]['title'] = $v['id'];
		}
	}
}

$tpl_index = new fbTemplate($TEMPLATES . "index.html");
$tpl_index->set('head_title', "Pastebin-NG v0.1");

$tpl_menu = new fbTemplate($TEMPLATES . "sidebar.html");
$tpl_menu->set('menu_items', $menu_items);
$tpl_menu->set('recent_posts', $recent_posts);
$tpl_index->add_child('sidebar', $tpl_menu);

$page = NULL;
$header = "";
$err = "";
$head_extra_arr = array();

if(isset($_REQUEST['action'])) {
	switch($_REQUEST['action']) {
		case 'view':
			if(isset($_REQUEST['id'])) {
				$id = intval($_REQUEST['id']);
				if($id > 0) {
					$paste = $pastebinNG->get($id, TRUE);
					if($paste != FALSE) {
						if(isset($paste['css']) && $paste['css'] != NULL) {
							$cssfname = $PBASEDIR . "/htdocs/static/css/dynamic/" . $paste['format']  . ".css";
							if(file_exists($cssfname)) {
								$mtime = filemtime($cssfname);
								if($mtime < time() - (60 * 60)) {
									$replacecss = TRUE;
								} else {
									$replacecss = FALSE;
								}
							} else {
								$replacecss = TRUE;
							}
							if($replacecss == TRUE) {
								file_put_contents($cssfname, $paste['css']);
							}
							$head_extra_arr[] = '<link type="text/css" rel="stylesheet" href="' . $PBASEHTTP . '/static/css/dynamic/' . $paste['format'] . '.css" />';
						}
						if(count($paste['tags']) > 0) {
							foreach($paste['tags'] as $k => $v) {
								$paste['tags'][$k] = array(
									 'link' => $PBASEHTTP . "/?action=tagsposts&tag=" . $v
									,'tag' => $v
								);
							}
						}
						$tpl_paste_view = new fbTemplate($TEMPLATES . "paste_view.html");
						$arr1 = array('title', 'author', 'body', 'datetime', 'tags');
						foreach($arr1 as $v) {
							$tpl_paste_view->set($v, $paste[$v]);
						}
//						$tpl_paste_view->set('datetime', $paste['datetime']);
						$tpl_index->add_child('body', $tpl_paste_view);
						if(strlen($paste['title']) > 0) {
							$title = $paste['title'];
						} else {
							$title = $paste['post_id'];
						}
						$header = $title . " - " . $paste['author'] . " @ " . $paste['datetime'];
					} else {
						$err = "Invalid ID specified!";
					}
				} else {
					$err = "Invalid ID specified!";
				}
			} else {
				$err = "Invalid arguments!";
			}
			break;
		case 'new':
			if(isset($_REQUEST['save']) && $_REQUEST['save'] == 1) {
				if(isset($_POST['title']) && isset($_POST['body']) && isset($_POST['author']) && isset($_POST['format']) && isset($_POST['expire']) && isset($_POST['tags'])) {
					// TODO VALIDATION !!! SECURITY RISK !!! Well not really, everything is escaped... Just XSS might be a risk...
					$title = $_POST['title'];
					$body = $_POST['body'];
					$author = $_POST['author'];
					$format = preg_replace("[^a-zA-Z0-9\-]", "", $_POST['format']);
					$tags = preg_replace("[^a-zA-Z0-9\- ]", "", $_POST['tags']);
					$expire = intval($_POST['expire']);
					$id = $pastebinNG->set($title, $author, $format, $body, $expire, $tags);
					if($id > 0) {
						header("Location: " . $PBASEHTTP . "/?action=view&id=" . $id);
						exit;
					} else {
						$err = "Error saving!";
					}
				} else {
//					var_dump($_POST);
					$err = "Invalid arguments!";
				}
			} else {
				$tpl_paste_add = new fbTemplate($TEMPLATES . "paste_add.html");
				$tpl_paste_add->set('action', $PBASEHTTP . "/?action=new&save=1");
				$tpl_paste_add->set('formats', $GeSHi_formats);
				$tpl_index->add_child('body', $tpl_paste_add);
				$header = "New Paste";
			}
			break;
		case 'tagsposts':
			if(isset($_REQUEST['tag'])) {
				$tag = preg_replace("[^a-zA-Z0-9\-]", "", $_REQUEST['tag']);
				$pastes = $pastebinNG->get_tags_pastes($tag);
				if($pastes == FALSE) {
						$pastes = array();
				} else {
					foreach($pastes as $k => $v) {
						$pastes[$k]['link'] = $PBASEHTTP . "/?action=view&id=" . $v['post_id'];
						if(strlen($v['title']) == 0) {
							$pastes[$k]['title'] = $v['id'];
						}
					}
				}
				$tpl_tags_pastes = new fbTemplate($TEMPLATES . "tags_pastes.html");
				$tpl_tags_pastes->set('tags_pastes', $pastes);
				$tpl_index->add_child('body', $tpl_tags_pastes);
				$header = "Pastes for " . $tag;
			}
			break;
		default:
			$page = "Homepage";
			$header = "Homepage";
			break;
	}
} else {
	$page = "Homepage";
	$header = "Homepage";
}

if($page == "Homepage") {
	$tpl_body = new fbTemplate($TEMPLATES . "homepage.html");
	// $tpl_body->set('content', "<p>So this is what they call content!</p>");
	$tpl_index->add_child('body', $tpl_body);
}
$head_extra = "";
foreach($head_extra_arr as $v) {
	$head_extra .= $v . "\n";
}

$tpl_index->set('head_extra', $head_extra);
$tpl_index->set('header', $header);
$tpl_index->set('footer', "Pastebin-NG v0.1 By Daniel Bartlett, 2008");
$tpl_index->set('error', $err);
echo $tpl_index->render();

?>